CN110545175B - Security authentication method for communication protocol of charging pile and electric vehicle - Google Patents
- Publication number: CN110545175B (application CN201910781588.1A)
- Authority: CN (China)
- Prior art keywords: message, data, charging pile, management system, battery management
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention provides a security authentication method for the communication protocol between a charging pile and an electric vehicle, comprising the following steps: S1, in the charging handshake phase, the charging pile and the battery management system of the electric vehicle obtain the same shared seed based on an ECDH shared seed exchange strategy; S2, the charging pile and the electric vehicle battery management system take the shared seed value as input and generate the same message verification code, which is added to the data message and transmitted to the charging pile for verification; S3, for non-data messages, whose data fields are strictly specified and leave no spare space for a message verification code, a random number is added and checked instead, completing the verification of the non-data messages; and S4, with the data messages and the non-data messages verified, the security authentication of the communication protocol between the charging pile and the electric vehicle is completed. The invention provides an authentication method for the charging pile communication protocol that can resist replay attacks and man-in-the-middle attacks.
Description
Technical Field
The invention belongs to the field of the industrial control Internet of Things, and particularly relates to a security authentication method for the communication protocol between a charging pile and an electric vehicle.
Background
Andreea-Ina Radu et al. proposed the lightweight CAN authentication protocol LeiA in 2015; the scheme allows identity authentication between ECUs in an automobile, so that a variety of attacks can be resisted. LibrA-CAN and CANAuth are two lightweight authentication protocols for CAN. Both use the CAN+ protocol proposed by Tobias Ziermann et al. in 2009. CAN+ builds on the existing structure of the CAN bus and sends data in the time gaps when the CAN nodes on the bus are not in the monitoring state, improving data transmission efficiency; the maximum transmission efficiency can be increased by 16 times. Bogdan Groza et al. proposed in 2013 a secure broadcast authentication protocol for the CAN bus, which improves the CAN broadcast mechanism at the CAN application layer based on known key chains and a time synchronization specification, and then uses encrypted authentication in the CAN network; although security is increased, the communication delay of the bus inevitably increases. Because the CAN protocol lacks an identity authentication mechanism, if an attacker connects a malicious node to the CAN bus and broadcasts messages, the charging pile does not verify whether the identity of the message source is legitimate, and a message is received and processed as long as it conforms to the specification. Samuel Woo et al. proposed in 2015 an attack model for actually attacking an in-vehicle CAN network using a malicious smartphone application in a connected-vehicle environment and, after summarizing the weaknesses of the in-vehicle CAN network, designed an in-vehicle CAN security protocol. That scheme uses the Advanced Encryption Standard (AES) algorithm and a Message Authentication Code (MAC) to encrypt and authenticate CAN data frames, and uses a random number and a counter to update the key to keep it fresh.
Disclosure of Invention
The charging pile compares a message verification code generated by the charging pile with a message verification code in a received message, and passes verification only when the message verification codes are consistent. The scheme can enable the charging communication protocol to resist replay attack and man-in-the-middle attack.
The technical scheme of the invention is as follows:
A security authentication method for the communication protocol between a charging pile and an electric vehicle comprises the following specific steps:
S1, in the charging handshake phase, the charging pile and the electric vehicle battery management system obtain the same shared seed based on an ECDH shared seed exchange strategy;
S2, the charging pile and the electric vehicle battery management system take the shared seed value as input and generate the same message verification code, which is added to the data message and transmitted to the charging pile for verification;
S3, for non-data messages, whose data fields are strictly specified and leave no spare space for a message verification code, a random number is added and checked instead, completing the verification of the non-data messages;
S4, with the data messages and the non-data messages verified, the security authentication of the communication protocol between the charging pile and the electric vehicle is completed.
In step S1, the ECDH-based shared seed exchange strategy comprises the following steps:
Step 1: select a secure elliptic curve E over the finite field GF(P) and select a base point G;
Step 2: the charging pile generates a random number $r_A$, multiplies it by the base point G to obtain $Q_A = r_A G$, and sends $Q_A$ to the electric vehicle battery management system;
Step 3: the electric vehicle battery management system generates a random number $r_B$, multiplies it by the base point G to obtain $Q_B = r_B G$, and sends $Q_B$ to the charging pile;
Step 4: after receiving $Q_A$, the electric vehicle battery management system performs point multiplication with $r_B$ to obtain the shared seed $S = r_B Q_A$;
Step 5: after receiving $Q_B$ sent by the electric vehicle battery management system, the charging pile performs point multiplication with $r_A$ to obtain the shared seed $S = r_A Q_B$;
After these steps are finished, the charging pile and the electric vehicle battery management system have obtained the same shared seed $S = r_A r_B G$.
The methods of adding the message verification code to the data message in step S2 include storing the message verification code in a split data field and storing the message verification code using the cyclic redundancy check code.
The method of storing the message verification code in the split data field is as follows:
dividing the original 64-bit data field of the CAN extended frame into two 32-bit spaces;
the first 32 bits of the data field still store data, and the last 32 bits store a message verification code with a length of 4 bytes;
The method of storing the message verification code using the cyclic redundancy check code is as follows:
splitting the original 32-bit message verification code evenly into 2 parts, and storing the front 16-bit MAC and the rear 16-bit MAC separately in consecutive CAN data frames;
taking the R bit and the DP bit of the CAN data frame as identifiers: when the two bits are 11, communication messages continue to be received, and when the two bits are 10, the two most recently received frames are verified;
extracting, merging and verifying the MACs of the two frames.
The verification method for data messages carrying the message verification code in step S2 specifically comprises the following steps:
a: When the electric vehicle battery management system sends a multi-frame message, it first sends a request-to-send message to establish a virtual connection with the charging pile;
b: After receiving the request-to-send message, the charging pile system generates a 32-bit random number R, adds R to the reserved bits of the ready-to-send message, and sends the newly constructed ready-to-send message to the electric vehicle battery management system;
c: After receiving the ready-to-send message, the electric vehicle battery management system extracts the random number R it contains and calculates its own message verification code $MacB = Hash(data \| S \| R \| countB)$. In the next data frame to be sent, it places the newly generated MacB in the last 32 bits of the data field of the CAN data frame, constructs the data frame with the message verification code and sends it to the charging pile. Each time a data frame with a message verification code is sent, the counter countB is updated as countB++. After the update, it checks whether all data frames have been sent; if not, the new countB is substituted into the message verification code formula to obtain a new MacB, and these steps are repeated until all data frames have been sent;
d: Each time the charging pile receives a data frame with a message verification code, it increments the counter countA by 1, then extracts the message verification code MacB and the message data contained in the frame, calculates its own message verification code $MacA = Hash(data \| S \| R \| countA)$ and compares it with the current MacB. If MacA = MacB holds, it determines whether the received data frame is the last frame and, if not, continues to receive data messages; if it does not hold, the current identity verification fails. After confirming that all data frames have been received, it calculates a new seed value newS by the formula $newS = Hash(S \| R \| countA)$, places the counter value countA in the reserved bits of the message-end response message and sends it to the electric vehicle battery management system;
e: After the electric vehicle battery management system confirms that all data frames have been sent, it calculates a new shared seed value newS, wherein the calculation formula is as follows: When receiving the message-end response message, the electric vehicle battery management system extracts the counter countA contained in it and compares whether the counter values are the same, that is, whether countA = countB holds. If it holds, the identity authentication has passed and both sides update the seed value: S = newS. If it does not hold, the information between the two sides is not synchronized, and the counter countB needs to be set to 0 and the authentication process restarted.
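The exchange in steps a to e, with the MAC stored in the split data field, is simulated in the added example below; it is not code from the patent. Assumptions: Hash is SHA-256 truncated to its first 4 bytes, R and the counters are encoded as 4-byte big-endian integers, both sides start their counter at 0 and increment it before hashing, the pile adopts newS as soon as it sends its counter, and all class and function names are illustrative.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4   # 32-bit code in the last 4 bytes of the 8-byte CAN data field


def frame_mac(data, seed, R, count):
    """Hash(data || S || R || count), SHA-256 truncated to 32 bits."""
    digest = hashlib.sha256(data + seed + struct.pack(">II", R, count)).digest()
    return digest[:MAC_LEN]


def next_seed(seed, R, count):
    """newS = Hash(S || R || count)."""
    return hashlib.sha256(seed + struct.pack(">II", R, count)).digest()


class Bms:
    """Sender side (electric vehicle battery management system)."""

    def __init__(self, seed):
        self.seed, self.R, self.count = seed, None, 0

    def on_ready_to_send(self, R):
        self.R, self.count = R, 0              # R arrives in the reserved bits

    def build_frame(self, data):
        if len(data) != 4:
            raise ValueError("data half of the field must be 4 bytes")
        self.count += 1
        return data + frame_mac(data, self.seed, self.R, self.count)

    def on_end_response(self, count_a):
        if count_a != self.count:              # counters differ: out of sync
            self.count = 0                     # restart the authentication
            return False
        self.seed = next_seed(self.seed, self.R, self.count)
        return True


class Pile:
    """Receiver side (charging pile)."""

    def __init__(self, seed, R):
        self.seed, self.R, self.count, self.failed = seed, R, 0, False

    def on_frame(self, field):
        """Return the 4 data bytes if the frame verifies, else None."""
        if self.failed or len(field) != 8:
            return None
        self.count += 1
        data, mac = field[:4], field[4:]
        expected = frame_mac(data, self.seed, self.R, self.count)
        if not hmac.compare_digest(mac, expected):
            self.failed = True                 # identity verification fails
            return None
        return data

    def end_response(self):
        """Compute newS and return countA for the message-end response."""
        count_a = self.count
        self.seed = next_seed(self.seed, self.R, count_a)
        return count_a


def run_transfer(seed, R, chunks, tamper_index=None, replay_index=None):
    """Simulate one multi-frame transfer; returns (accepted data, in_sync)."""
    bms, pile = Bms(seed), Pile(seed, R)
    bms.on_ready_to_send(R)
    wire = [bms.build_frame(c) for c in chunks]
    if tamper_index is not None:               # one data bit changed on the bus
        frame = bytearray(wire[tamper_index])
        frame[1] ^= 0x01
        wire[tamper_index] = bytes(frame)
    if replay_index is not None:               # a captured frame sent twice
        wire.insert(replay_index + 1, wire[replay_index])
    accepted = [pile.on_frame(f) for f in wire]
    in_sync = (not pile.failed
               and bms.on_end_response(pile.end_response())
               and bms.seed == pile.seed)
    return accepted, in_sync


if __name__ == "__main__":
    seed = bytes(range(32))                    # constructed seed, not real data
    chunks = [bytes([i]) + b"abc" for i in (1, 2, 3)]   # sequence byte + data
    print(run_transfer(seed, 0x1A2B3C4D, chunks))
    print(run_transfer(seed, 0x1A2B3C4D, chunks, replay_index=0))
    print(run_transfer(seed, 0x1A2B3C4D, chunks, tamper_index=1))
```
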
In step S3, the verification of non-data messages specifically involves analyzing the security threats to three non-data messages, namely the request-to-send message, the ready-to-send message and the message-end response message, and comprises the following steps:
a: The charging pile generates a random number x with a length of 1 byte, then substitutes x into a mathematical equation of certain complexity to calculate y, which is also 1 byte long. Each time, the random number x and the calculated y are concatenated into a random number r, which is added to the reserved bits of the ready-to-send message and sent to the electric vehicle battery management system;
b: The electric vehicle battery management system splits the random number r into x and y and substitutes them into the same mathematical equation to verify the correctness of r. If r is verified as correct, it checks whether r appears among the random numbers already used: if so, a replay attack is detected and the electric vehicle battery management system does not accept the message; if not, the message passes verification and the value of r is recorded.
The mathematical equation with certain complexity uses ax + by as a mathematical equation, wherein parameters a, b and c are determined by a shared seed S, the value of S is updated after one round of multi-frame message transmission is completed, and the corresponding values of a, b and c are also updated.
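The random-number check of step S3 is sketched in the added example below, which is not code from the patent. Because the equation is not fully given in this text, the example assumes the form a·x + b·y ≡ c (mod 256) with a, b, c taken from a SHA-256 digest of S and b forced odd so that y can be solved; those choices and all names are hypothetical. Both sides keep their record of used values across seed updates.

```python
import hashlib
import secrets


def params_from_seed(seed):
    """Derive (a, b, c) from the shared seed S (derivation is an assumption)."""
    d = hashlib.sha256(b"non-data-params" + seed).digest()
    return d[0], d[1] | 1, d[2]          # b odd, so it is invertible mod 256


def solve_y(x, seed):
    """Solve the assumed equation a*x + b*y = c (mod 256) for y."""
    a, b, c = params_from_seed(seed)
    b_inv = pow(b, 127, 256)             # b**128 == 1 (mod 256) for odd b
    return ((c - a * x) * b_inv) % 256


class PileNonceSource:
    """Charging pile side: produces r = x || y for each ready-to-send message."""

    def __init__(self, seed):
        self.seed, self.issued = seed, set()

    def update_seed(self, new_seed):
        self.seed = new_seed             # a, b, c change with S

    def next_nonce(self):
        candidates = [bytes([x, solve_y(x, self.seed)]) for x in range(256)]
        fresh = [r for r in candidates if r not in self.issued]
        if not fresh:                    # at most 256 valid r per seed value
            raise RuntimeError("no unused r left for this seed; update S")
        r = secrets.choice(fresh)
        self.issued.add(r)
        return r


class BmsNonceChecker:
    """BMS side: verifies r and records every value it has accepted."""

    def __init__(self, seed):
        self.seed, self.used = seed, set()

    def update_seed(self, new_seed):
        self.seed = new_seed

    def check(self, r):
        if len(r) != 2:
            return "malformed"
        x, y = r[0], r[1]
        a, b, c = params_from_seed(self.seed)
        if (a * x + b * y) % 256 != c:
            return "invalid"             # r does not satisfy the equation
        if r in self.used:
            return "replay"              # r was seen before: reject message
        self.used.add(r)
        return "ok"


def demo():
    """Return the verdicts for a fresh, a replayed and a modified r."""
    seed = bytes(range(32))              # constructed seed, not real data
    pile, bms = PileNonceSource(seed), BmsNonceChecker(seed)
    r = pile.next_nonce()
    modified = bytes([r[0], r[1] ^ 0x01])
    return [bms.check(r), bms.check(r), bms.check(modified)]


if __name__ == "__main__":
    print(demo())
```
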
Compared with the prior art, the beneficial effects of the invention are as follows. Based on the ECDH shared seed exchange strategy, the charging pile and the electric vehicle obtain the same shared seed, which is used to generate the message verification code. Both parties generate the MAC by the same method; the electric vehicle BMS places the MAC in a data message and sends it to the charging pile, and the charging pile judges the authenticity of the MAC to detect whether it is under attack. For the three non-data messages in the multi-frame message transmission mechanism, which cannot carry a MAC, analysis found that the ready-to-send message, when subjected to a replay attack, poses the threat of disconnecting the communication connection, and a method of verifying whether the message is legitimate by using a random number is therefore provided. The invention provides an authentication method for the charging pile communication protocol that can resist replay attacks and man-in-the-middle attacks.
Drawings
Fig. 1 is an overall flowchart of the security authentication scheme of the present invention.
Fig. 2 is a diagram of an ECDH-based shared seed exchange strategy in the charging handshake phase of the present invention.
Fig. 3 is a flow chart of the present invention for authenticating a data message using a message authentication code.
Fig. 4 shows the method of storing the MAC in the split data field of a data frame according to the present invention.
Fig. 5 shows the method of storing the MAC using the CRC field of a data frame in the present invention.
Fig. 6 shows the security threat analysis of non-data messages and the proposed method of verification using random numbers in accordance with the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 shows the overall flow of the authentication scheme. The whole process is divided into 4 parts: obtaining the shared seed in the charging handshake phase, verifying multi-frame messages with a MAC (message authentication code) verification mechanism, and providing protective measures against the security threats to non-data messages.
The specific implementation of the key parts in the first embodiment is described as follows:
1. Shared seed exchange strategy
Fig. 2 shows the flow of the shared seed exchange strategy. In this process, the experimental environment uses the OpenSSL library, and development is done in C. Parameters are set according to the elliptic curve used, and each party generates a random number and multiplies it by the base point to obtain a new point, which can be regarded as a public key. Finally, the two parties exchange public keys and each multiplies the received public key by its own random number to obtain the shared seed. The shared seed is calculated in the same way in the charging pile program and the BMS program.
2. Authentication scheme for data message
Fig. 3 shows the authentication mechanism for data messages. In the scheme, the charging pile and the electric vehicle BMS take the data of a communication message, the random number R generated by the charging pile, the shared seed S and a counter as input to a hash function to generate a message verification code. An interface function is called to send out the data frame with the message verification code. The charging pile generates a message verification code in the same way and checks whether the message verification code of the received message is correct. After one round of multi-frame message transmission is finished, the shared seed value needs to be updated.
In the embodiment, CAN data frames are sent and received through the interface functions VCI_Transmit and VCI_Receive of a CANalyst-II analyzer. The CAN data frame is constructed with the structure VCI_CAN_OBJ, through which the message verification code and the random number are also added. SHA256 is selected as the hash function, and the 256 bits it generates need to be truncated to a 32-bit message verification code.
3. Split data domain deposit MAC
As shown in fig. 4, the message authentication code is placed in the last 32 bits of the data field, and the first 32 bits store the message sequence number and data.
In the embodiment, the data field definition in the structure VCI_CAN_OBJ is used to define the last 4 bytes as the message verification code.
4. Depositing MAC using CRC field
As shown in fig. 5, the CRC field of the CAN data frame is used to store the message verification code. The original 4-byte message verification code needs to be split into two 2-byte parts, which are placed separately in the CRC fields of two frames. Verification is done on even frames, that is, once every two frames: the message verification code parts are extracted, merged and verified.
5. Authentication of non-data messages using random numbers
Fig. 6 shows the security threat analysis and the protection scheme for the three non-data messages. The existing security threat is that an attacker repeatedly transmits ready-to-send messages, so that the communication connection between the pile and the vehicle is closed and the normal communication process is affected. The protection scheme is as follows: a random number with a length of 2 bytes is added to the reserved bits of the ready-to-send message, both communication parties record the random numbers that have been used, and if a newly received message carries a previously used random number it is considered a replay attack. The random number R needs to be updated all the time.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (1)
1. A security authentication method for the communication protocol between a charging pile and an electric vehicle, characterized by comprising the following specific steps:
S1, in the charging handshake phase, the charging pile and the electric vehicle battery management system obtain the same shared seed based on an ECDH shared seed exchange strategy;
S2, the charging pile and the electric vehicle battery management system take the shared seed value as input and generate the same message verification code, which is added to the data message and transmitted to the charging pile for verification;
S3, for non-data messages, whose data fields are strictly specified and leave no spare space for a message verification code, a random number is added and checked instead, completing the verification of the non-data messages;
S4, with the data messages and the non-data messages verified, the security authentication of the communication protocol between the charging pile and the electric vehicle is completed;
in step S1, the ECDH-based shared seed exchange strategy comprises the following steps:
Step 1: select a secure elliptic curve E over the finite field GF(P) and select a base point G;
Step 2: the charging pile generates a random number $r_A$, multiplies it by the base point G to obtain $Q_A = r_A G$, and sends $Q_A$ to the electric vehicle battery management system;
Step 3: the electric vehicle battery management system generates a random number $r_B$, multiplies it by the base point G to obtain $Q_B = r_B G$, and sends $Q_B$ to the charging pile;
Step 4: after receiving $Q_A$, the electric vehicle battery management system performs point multiplication with $r_B$ to obtain the shared seed $S = r_B Q_A$;
Step 5: after receiving $Q_B$ sent by the electric vehicle battery management system, the charging pile performs point multiplication with $r_A$ to obtain the shared seed $S = r_A Q_B$;
after these steps are finished, the charging pile and the electric vehicle battery management system have obtained the same shared seed $S = r_A r_B G$;
the methods of adding the message verification code to the data message in step S2 include storing the message verification code in a split data field and storing the message verification code using the cyclic redundancy check code,
the method of storing the message verification code in the split data field is as follows:
dividing the original 64-bit data field of the CAN extended frame into two 32-bit spaces;
the first 32 bits of the data field still store data, and the last 32 bits store a message verification code with a length of 4 bytes;
the method of storing the message verification code using the cyclic redundancy check code is as follows:
splitting the original 32-bit message verification code evenly into 2 parts, and storing the front 16-bit MAC and the rear 16-bit MAC separately in consecutive CAN data frames;
taking the R bit and the DP bit of the CAN data frame as identifiers: when the two bits are 11, communication messages continue to be received, and when the two bits are 10, the two most recently received frames are verified;
extracting, merging and verifying the MACs of the two frames;
the verification method for data messages carrying the message verification code in step S2 specifically comprises the following steps:
a: when the electric vehicle battery management system sends a multi-frame message, it first sends a request-to-send message to establish a virtual connection with the charging pile;
b: after receiving the request-to-send message, the charging pile system generates a 32-bit random number R, adds R to the reserved bits of the ready-to-send message, and sends the newly constructed ready-to-send message to the electric vehicle battery management system;
c: after receiving the ready-to-send message, the electric vehicle battery management system extracts the random number R it contains and calculates its own message verification code $MacB = Hash(data \| S \| R \| countB)$; in the next data frame to be sent, it places the newly generated MacB in the last 32 bits of the data field of the CAN data frame, constructs the data frame with the message verification code and sends it to the charging pile; each time a data frame with a message verification code is sent, the counter countB is updated as countB++; after the update, it checks whether all data frames have been sent, and if not, the new countB is substituted into the message verification code formula to obtain a new MacB, and these steps are repeated until all data frames have been sent;
d: each time the charging pile receives a data frame with a message verification code, it increments the counter countA by 1, then extracts the message verification code MacB and the message data contained in the frame, calculates its own message verification code $MacA = Hash(data \| S \| R \| countA)$ and compares it with the current MacB; if MacA = MacB holds, it determines whether the received data frame is the last frame and, if not, continues to receive data messages; if it does not hold, the current identity verification fails; after confirming that all data frames have been received, it calculates a new seed value newS by the formula $newS = Hash(S \| R \| countA)$, places the counter value countA in the reserved bits of the message-end response message and sends it to the electric vehicle battery management system;
e: after the electric vehicle battery management system confirms that all data frames have been sent, it calculates a new shared seed value newS, wherein the calculation formula is as follows: when receiving the message-end response message, the electric vehicle battery management system extracts the counter countA contained in it and compares whether the counter values are the same, that is, whether countA = countB holds; if it holds, the identity authentication has passed and both sides update the seed value: S = newS; if it does not hold, the information between the two sides is not synchronized, and the counter countB needs to be set to 0 and the authentication process restarted;
in step S3, the authentication of non-data packets specifically comprises analyzing the security threats to three non-data packets, namely the request-to-send packet, the ready-to-send packet and the message-end-response packet, and comprises the following steps:
a: the charging pile generates a random number x with a length of 1 byte and substitutes x into a mathematical equation of a certain complexity to calculate y, whose length is also 1 byte; each time, the random number x and the calculated y are concatenated into a random number r, which is added to a reserved position of the ready-to-send message and sent to the electric vehicle battery management system;
b: the electric vehicle battery management system splits the random number r into x and y and substitutes them into the same mathematical equation to verify the correctness of r; if r is verified to be correct, it checks whether r appears among the random numbers already used; if so, a replay attack is detected and the electric vehicle battery management system does not accept the message; if not, the message passes verification and the value of the random number r is recorded;
the mathematical equation of a certain complexity is ax + by = c, wherein the parameters a, b and c are determined by the shared seed S; the value of S is updated after each round of multi-frame message transmission is completed, and the corresponding values of a, b and c are updated as well.
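Steps a and b of the non-data packet check, as an added example that is not taken from the patent. It assumes the equation is evaluated modulo 256 so that y fits in one byte, and that a, b and c are the first three bytes of SHA-256(S) with b forced odd; all names and the sample seed are hypothetical.

```python
import hashlib
import secrets

def params(seed: bytes):
    """Derive a, b, c from the shared seed S (this derivation is an assumption)."""
    a, b, c = hashlib.sha256(seed).digest()[:3]
    return a, b | 1, c               # b forced odd so it is invertible mod 256

def make_r(seed: bytes, x=None) -> bytes:
    """Charging pile: pick a 1-byte x, solve a*x + b*y = c (mod 256) for y."""
    a, b, c = params(seed)
    if x is None:
        x = secrets.randbelow(256)
    y = ((c - a * x) * pow(b, -1, 256)) % 256
    return bytes([x, y])             # r = x || y, two bytes

def satisfies(seed: bytes, r: bytes) -> bool:
    """Substitute x and y back into the same equation."""
    a, b, c = params(seed)
    return len(r) == 2 and (a * r[0] + b * r[1]) % 256 == c

class BmsVerifier:
    """BMS side: equation check first, then the used-value (replay) check."""
    def __init__(self, seed: bytes):
        self.seed, self.used = seed, set()

    def check(self, r: bytes) -> str:
        if not satisfies(self.seed, r):
            return "invalid"
        if r in self.used:
            return "replay"          # message is not accepted
        self.used.add(r)
        return "accepted"

def valid_count(seed: bytes) -> int:
    """How many of the 65536 two-byte values satisfy the equation for this S."""
    return sum(satisfies(seed, bytes([x, y]))
               for x in range(256) for y in range(256))

SEED = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample
```

Because x is one byte, exactly 256 values of r satisfy the equation for a given seed under these assumptions, which bounds how many distinct non-data messages can be accepted before S, and with it a, b and c, is updated.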
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910781588.1A CN110545175B (en) | 2019-08-23 | 2019-08-23 | Security authentication method for communication protocol of charging pile and electric vehicle |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110545175A CN110545175A (en) | 2019-12-06 |
CN110545175B CN110545175B (en) | 2022-08-26 |
Family
ID=68711913
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910781588.1A Active CN110545175B (en) | 2019-08-23 | 2019-08-23 | Security authentication method for communication protocol of charging pile and electric vehicle |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110545175B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112202549B (en) * | 2020-09-02 | 2023-03-21 | 深圳市车电网络有限公司 | Charging management method, charging terminal data processing method and charging management platform data processing method |
CN112216026A (en) * | 2020-09-03 | 2021-01-12 | 北京握奇智能科技有限公司 | Electric vehicle charging non-inductive payment method and system based on front-mounted OBU |
CN112653559B (en) * | 2021-01-04 | 2023-01-06 | 潍柴动力股份有限公司 | Electric control unit starting method and device and storage medium |
CN114670696A (en) * | 2021-06-22 | 2022-06-28 | 北京新能源汽车股份有限公司 | Charging control method and device, charging pile and electric vehicle |
CN113810403B (en) * | 2021-09-15 | 2023-02-14 | 国网湖北省电力有限公司恩施供电公司 | Charging pile vulnerability detection method and detection device based on communication protocol |
CN115550069B (en) * | 2022-11-29 | 2023-05-09 | 国网电动汽车服务(天津)有限公司 | Intelligent charging system of electric automobile and safety protection method thereof |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105637803A (en) * | 2014-05-08 | 2016-06-01 | 松下电器(美国)知识产权公司 | On-vehicle network system, fraud-detection electronic control unit, and method for tackling fraud |
CN106503494A (en) * | 2016-11-05 | 2017-03-15 | 福建省北峰电讯科技有限公司 | A kind of firmware protection location and guard method with flash memory microcontroller on piece |
CN106790053A (en) * | 2016-12-20 | 2017-05-31 | 江苏大学 | A kind of method of ECU secure communications in CAN |
CN109889333A (en) * | 2019-01-24 | 2019-06-14 | 深圳忆联信息系统有限公司 | Firmware data encryption method, device, computer equipment and storage medium |
Non-Patent Citations (2)
Title |
---|
Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes; Dennis K. Nilsson et al.; 2008 IEEE 68th Vehicular Technology Conference; 20080924; Sections II-V * |
A Secure In-Vehicle CAN Network Protocol Based on the AES-CCM Algorithm; Zhu Limin et al.; Automobile Technology; 20180802; Sections 2-4 * |
Also Published As
Publication number | Publication date |
---|---|
CN110545175A (en) | 2019-12-06 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||